
SmashTheStack Wargaming Network

Related:  tutorials, training & CTF

Malware Analysis Tutorial 11: Starling Technique and Hijacking Kernel System Calls using Hardware Breakpoints. Learning Goals: Understand hardware breakpoint; Understand vectored/structured exception handling; Understand the tricks that interrupt module loading. Applicable to: Operating Systems, Computer Security, Programming Language Principles, Assembly Language. 1. Introduction: Starling is a bird that steals nests of other birds. In this tutorial, you will look at a "starling" technique used by Max++ to run its own malicious code using the "body" of another benign module named "lz32.dll". 2. (1) Clear all hardware breakpoints. (2) In code pane, right click and go to expression "0x4014F9" (3) right click and then "breakpoints -> hardware, on execution" (4) Press F9 to run to 0x4014F9 (4) If you see a lot of DB instructions, select them and right click -> "During next analysis treat them as Command". (5) Restart Max++ and run to 0x4014F9 again. 3. According to [1], zwAllocateVirtualMemory has 6 parameters, as shown in the following: (1) Where is the data from? 3.3. 4. //for x86 typedef struct _CONTEXT {

Fusion. About: Fusion is the next step from the protostar setup, and covers more advanced styles of exploitation, and covers a variety of anti-exploitation mechanisms such as: Address Space Layout Randomisation; Position Independent Executables; Non-executable Memory; Source Code Fortification (_DFORTIFY_SOURCE=); Stack Smashing Protection (ProPolice / SSP). In addition to the above, there are a variety of other challenges and things to explore, such as: Cryptographic issues; Timing attacks; Variety of network protocols (such as Protocol Buffers and Sun RPC). At the end of Fusion, the participant will have a thorough understanding of exploit prevention strategies, associated weaknesses, various cryptographic weaknesses, numerous heap implementations. Download: Downloads are available from the download page. Getting started: Have a look at the levels available on the side bar, and pick which ones interest you the most. To get root for debugging purposes, do "sudo -s" with the password of "godmode".

About Exploit Exercises p0wnlabs .:. Vulnerable Distros The community has coughed up some classic distributions full of juicy targets and p0wnlabs is testing out a program to host them for your hacking pleasure. Simply configure your system to connect to p0wnlabs via openvpn and hack away! Here's the openvpn config package you will need to connect. It's a simple tar archive of the text file and the necessary keys suitable for starting openvpn on Linux. Once you're connected you'll get an extra ethernet interface on a network. Where would we be without metasploit? Uh..nowhere? And we're nice enough to host it. Hints/Docs The target VM (1 instance for now) will be at OWASP is awesome and to prove it they created webgoat, a deliberately vulnerable J2EE web application. Learn XSS, weak session cookies, SQL injection and more! Your target (once connected) is Damn Vulnerable Web App, Webgoat, Vicnum, Mutillidae, Ghost, Peruggia, and more await your p0wning. Enjoy!

Top 50 Hacking Tools That You Must Have. Whether you are a Penetration tester, a hacker or an aspiring newbie trying to learn Cyber Security, you must have a nice catalogue of tools to make your life easier. While these tools do make working simpler, they cannot compensate for the vast amount of knowledge required in this field. In this post I'm going to mention 50 different tools under 9 categories that your 'Hack Lab' must have. Most of the tools mentioned in this post are pre-included in Kali Linux which you can install to have them at once. Intrusion Detection Systems :- These are the tools you must have if you're building a hack lab for penetration testing or for any security arrangement. Snort, NetCop. Encryption Tools :- While the above tools do identify any suspicious activity, they can't protect your data; you need encryption tools for that. TrueCrypt (The project has been shut down and is no longer supported), OpenSSH, PuTTY, OpenSSL, Tor, OpenVPN, Stunnel, KeePass. Port Scanners :- Nmap, Superscan, Angry IP Scanner. Packet Sniffers :- Enjoy..!!

Malware Analysis Tutorial 1 - VM Based Analysis Platform. Learning Goals: Configure a virtual machine based experimental platform for malware analysis; Master basic network sniffing/monitoring skills. This Lesson Can be Used as a Lab Module in: Computer Networks and Communication Protocols; Operating Systems. Challenge of the day: Run the Max++ malware, can you describe its network activities? For those of you who had trouble with downloading the sample from offensive computing, here is another link: Or follow Bonfa's tutorial [1] on the download instructions. 1. This tutorial is intended for those who are interested in malware analysis. The purpose of this lesson is to set up a virtual machine based analysis environment. Windows XP SP2 installation disk (Note: it has to be SP2); Linux Ubuntu installation disk (the version we use in this tutorial: Ubuntu 10.04 lucid LTS. 2. We will need to download a number of other open-source/free software tools. 3.1 XP Guest 3.2 Linux Guest 3.

Welcome to Hellbound Hackers [Video] VulnImage - Automated Method Links Watch video on-line: *Temporarily Disabled* Download video: Brief Overview VulnImage is an obscure (I can't even find a 'homepage' as such, for it!) "boot-to-root" operating system which has purposely crafted weakness(es) inside itself. The user's end goal is to interact with it and get the highest user privilege they can. The 'automated' tag is because of the combination of Burp Proxy & SQLMap to discover the SQL injection vulnerability with very limited user interaction as well as using a kernel exploit to escalate privileges to gain root access. Method What do I need? Walkthrough The first stage is to locate the target, which the attacker does by using "NetDiscover" as this quickly lists all IPs, Media Access Control (MAC) addresses and any known vendors that relate to the MAC address in any subnet. 'Normal' Attacker (Firefox) <---> Target (Web server) 'Intercepted' Game over Game over...again Commands Notes

Wargames - Monxla (HES2012) We're hackers, and we are good-looking. We are the 1%. This wargame was introduced at the Hackito Ergo Sum (HES) 2012 conference in Paris and is centered around the fictitious Russian crime family Nasenko. As of November 2012, the Monxla game has been released to the public and can be downloaded at - OverTheWire Wargame.iso The following instructions are also included on the livecd: --- OverTheWire's Monxla wargame, released November 2012 --- 1.